Why the police virus was so effective

Scam preyed on fear and guilt

By PC Advisor staff | PC Advisor | 26 February 13

Last week Europol and Spanish police arrested 11 of the suspected criminals behind the so-called police virus that has targeted over 30 countries, including the UK. The leader of the criminal gang, a 27-year-old Russian, was arrested in the United Arab Emirates, while 10 other members, including six Russians, two Ukrainians and two Georgians, were arrested on the Costa del Sol in Spain.

The virus froze the targeted computer with a screen shot from the 'police', stating that the user had visited illegal websites and had to pay a fine to unlock their computer.

Europol reports that they have identified up to 48 variants of this virus, which was first discovered two years ago.

Europol Director Rob Wainwright told Reuters that the virus has made millions for the scammers. "If we take into account that the average fine was 100 Euros ($130) and 3 percent paid it, then the estimated damage is millions of euros," he said.

British users have also been hit by the virus, with messages appearing from "Metropolitan Police Central e-crime Unit (PCeU)". Like police stations across the country, security expert Janus R. Nielsen from antivirus company www.mysecuritycenter.com confirmed receiving enquiries from British users, victims of the scam who didn't know how to get their computers unlocked again.

"This police virus consists of several Trojans that mimic legitimate software, which the user installs in good faith. This, combined with the fact that it constantly updates automatically, means that an antivirus program does not catch it. Once the virus is installed, it may contact the original server and allow remote access to your computer from anywhere in the world - a kind of spyware," he explained.

Nielsen has studied the screen that pops up when the virus is installed, and he has several suggestions as to why this particular virus has been so effective.

"Firstly, it is translated into each country's language, and almost without spelling errors. There is also a logo from the national police, so it looks like an official request. It plays heavily on the natural fear and paranoia in people.

Who can say that they are 100 percent sure of never having visited - with or without intent - less innocent sites? People get shocked to discover that they have been accused of visiting illegal sites, and this may lead some to lose their heads and pay immediately, just to get rid of the suspicion."

Nielsen believes that the trick is only one of the methods of stealing money. "The spyware that allows hackers to have access to content on your computer is an equally serious threat. Therefore, it is important that the virus is uninstalled properly, so you not only remove the screen picture, but also all the underlying malicious programs. Besides the fact that you never have to pay the fine, I would recommend getting help from an IT professional when you get rid of the virus. Sometimes it may even be faster to reformat the whole machine," he said.